Netty denial of service vulnerability

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...

GHSA-7VPQ-G998-QPV7 Netty denial of service vulnerability

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service memory consumption via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames...

[SECURITY] [DLA 2110-1] netty-3.9 security update

Package : netty-3.9 Version : 3.9.0.Final-1+deb8u1 CVE ID : CVE-2014-0193 CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 Debian Bug : 746639 941266 950966 950967 Several vulnerabilities were discovered in Netty, a Java NIO client/server socket framework: CVE-2014-0193...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security update

Red Hat JBoss Fuse and A-MQ 6.1.0 Rollup Patch 1, which addresses several security issues, multiple bug fixes, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability...

RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.3.0 update (Important) (RHSA-2014:1019)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1019 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A race condition...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.0 update

Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common...

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.2 update

Red Hat JBoss BRMS 6.0.2, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

CVE-2014-0193

CVE-2014-0193 is a Netty WebSocket DoS vulnerability. The WebSocket08FrameDecoder in Netty versions 3.6.x (before 3.6.9), 3.7.x (before 3.7.1), 3.8.x (before 3.8.2), 3.9.x (before 3.9.1), and 4.0.x (before 4.0.19) can be triggered by sending a TextWebSocketFrame followed by a long stream of Conti...